Authors: Mihaylova, D. A.
Title: Baseline Adversarial Machine Learning Attacks - A Comparative Study
Keywords: Adversarial Machine Learning, Carlini & Wagner, DeepFool, Fast Gradient Sign Method, Jacobian-based Saliency Map Attack

Abstract: Machine learning is recognized as one of the foremost technologies expected to shape Next Generation Wireless Systems. Among its numerous applications, it is acknowledged as a valuable tool in computer vision, intrusion detection systems, autonomous driving and many other domains. However, the vulnerability of machine learning systems to adversarial machine learning (AML) attacks poses a great challenge to their robust operation. In this paper, four methods of significant importance for crafting adversarial examples are studied, namely the Fast Gradient Sign Method (FGSM), the Jacobian-based Saliency Map Attack (JSMA), DeepFool and the Carlini & Wagner (C&W) attack. The methods are compared according to several properties (the norm in which the perturbation is measured, the number of gradient evaluations required, and the resulting perturbation size) that can have a critical influence on their applicability in various technology domains.
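As an added worked example (not code from the paper), the following plain-Python snippet contrasts two of the four methods, FGSM and DeepFool, on a constructed toy affine binary classifier; the weights, the clean input point and the epsilon grid are assumptions chosen for illustration. It shows the property such a comparison turns on: on a linear model each method is optimal in its own norm, FGSM taking the smallest L-infinity step that flips the label and DeepFool the smallest L2 step, while each method's perturbation is larger than the other's when measured in the other norm.

```python
"""FGSM vs. DeepFool on a toy affine binary classifier (added example)."""
import math

# Constructed toy model: f(x) = w.x + b, class 1 iff f(x) > 0.
# The weights are an assumption for this example, not taken from the paper.
W = [1.5, -2.0, 0.5, 3.0]
B = -0.25


def logit(x):
    return sum(wi * xi for wi, xi in zip(W, x)) + B


def predict(x):
    return 1 if logit(x) > 0 else 0


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def sign(v):
    return (v > 0) - (v < 0)


def loss_gradient(x, y):
    """Gradient of the binary cross-entropy loss w.r.t. the input: (sigmoid(f(x)) - y) * w."""
    s = sigmoid(logit(x)) - y
    return [s * wi for wi in W]


def fgsm(x, y, eps):
    """Fast Gradient Sign Method: x' = x + eps * sign(grad_x J(x, y)); one gradient evaluation."""
    g = loss_gradient(x, y)
    return [xi + eps * sign(gi) for xi, gi in zip(x, g)]


def deepfool_affine(x, overshoot=0.02):
    """DeepFool for a binary affine classifier.

    The minimal L2 perturbation reaching the boundary f(x') = 0 is r = -f(x) / ||w||^2 * w;
    a small overshoot pushes x' strictly across it. For a non-linear model DeepFool
    linearises f around the current point and repeats this step until the label flips;
    for an affine model a single step is exact.
    """
    f = logit(x)
    norm_sq = sum(wi * wi for wi in W)
    r = [-(f / norm_sq) * wi for wi in W]
    d = [(1 + overshoot) * ri for ri in r]
    return [xi + di for xi, di in zip(x, d)], d


def linf(v):
    return max(abs(c) for c in v)


def l2(v):
    return math.sqrt(sum(c * c for c in v))


def smallest_fgsm_eps(x, y, step=0.01, max_steps=500):
    """Smallest eps on a grid for which a single FGSM step flips the label, or None."""
    for k in range(1, max_steps + 1):
        eps = k * step
        if predict(fgsm(x, y, eps)) != y:
            return eps
    return None


def compare(x, y):
    """Craft an adversarial example with each method and report perturbation sizes in both norms."""
    eps = smallest_fgsm_eps(x, y)
    if eps is None:
        raise ValueError("FGSM did not flip the label within the epsilon grid")
    x_fgsm = fgsm(x, y, eps)
    d_fgsm = [a - b for a, b in zip(x_fgsm, x)]
    x_df, d_df = deepfool_affine(x)
    return {
        "fgsm_eps": eps,
        "fgsm_flipped": predict(x_fgsm) != y,
        "fgsm_linf": linf(d_fgsm),
        "fgsm_l2": l2(d_fgsm),
        "deepfool_flipped": predict(x_df) != y,
        "deepfool_linf": linf(d_df),
        "deepfool_l2": l2(d_df),
    }


if __name__ == "__main__":
    x0 = [0.8, 0.3, 0.1, 0.6]  # constructed clean input; the toy model labels it class 1
    for k, v in compare(x0, predict(x0)).items():
        print(f"{k:18} {v}")
```

For the constructed point, FGSM needs eps = 0.32 (L-infinity 0.32, L2 0.64) while DeepFool crosses the boundary with an L2 perturbation of about 0.57 but an L-infinity size of about 0.43; neither method dominates, which is why the norm a deployment cares about (pixel-wise bounds versus total energy) decides the choice.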

References

  1. C. Szegedy, W. Zaremba, I. Sutskever, J. Bruna, D. Erhan, I. Goodfellow, R. Fergus, "Intriguing properties of neural networks", International Conference on Learning Representations (ICLR), Banff, AB, Canada, 14-16 April 2014.
  2. I. J. Goodfellow, J. Shlens, C. Szegedy, "Explaining and harnessing adversarial examples", International Conference on Learning Representations (ICLR), San Diego, CA, USA, 7-9 May 2015.
  3. N. Papernot, P. McDaniel, S. Jha, M. Fredrikson, Z. Berkay Celik, A. Swami, "The limitations of deep learning in adversarial settings", 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016, pp. 372-387.
  4. S.-M. Moosavi-Dezfooli, A. Fawzi, P. Frossard, "DeepFool: A Simple and Accurate Method to Fool Deep Neural Networks", 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Las Vegas, NV, USA, 2016, pp. 2574-2582.
  5. N. Carlini, D. Wagner, "Towards Evaluating the Robustness of Neural Networks", 2017 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA, 2017, pp. 39-57.
  6. Y. Pacheco, W. Sun, "Adversarial Machine Learning: A Comparative Study on Contemporary Intrusion Detection Datasets", 7th International Conference on Information Systems Security and Privacy (ICISSP 2021), 11-13 February 2021, pp. 160-171.
  7. S. Alahmed, Q. Alasad, J.-S. Yuan, M. Alawad, "Impacting Robustness in Deep Learning-Based NIDS through Poisoning Attacks", Algorithms, 2024, vol. 17, no. 4, art. no. 155.

Issue

60th International Scientific Conference on Information, Communication and Energy Systems and Technologies, ICEST 2025 - Proceedings, 2025, Macedonia, https://doi.org/10.1109/ICEST66328.2025.11098269

Type: publication in an international forum, publication in a refereed edition, indexed in Scopus